Lucene search
This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.HP_VMM_6_0_0_0.NASLHistoryMay 05, 2010 - 12:00 a.m.
HP Virtual Machine Manager For Windows < 6.0.0.0
2010-05-0500:00:00
This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS
0.006
Percentile
78.0%
The version of HP Virtual Machine Manager running on the remote host has multiple, unspecified vulnerabilities. These include unauthorized access and privilege escalation vulnerabilities.
An authenticated attacker can reportedly exploit these issues to take control of the host.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(46239);
script_version("1.10");
script_cvs_date("Date: 2018/11/15 20:50:27");
script_cve_id("CVE-2010-1035");
script_bugtraq_id(39637);
script_xref(name:"Secunia", value:"39583");
script_name(english:"HP Virtual Machine Manager For Windows < 6.0.0.0");
script_summary(english:"Checks the product version in the KB");
script_set_attribute(
attribute:"synopsis",
value:
"The virtualization manager on the remote Windows host has multiple
vulnerabilities."
);
script_set_attribute(
attribute:"description",
value:
"The version of HP Virtual Machine Manager running on the remote host
has multiple, unspecified vulnerabilities. These include unauthorized
access and privilege escalation vulnerabilities.
An authenticated attacker can reportedly exploit these issues to take
control of the host."
);
script_set_attribute(
attribute:"see_also",
value:"https://seclists.org/bugtraq/2010/Apr/201"
);
# http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02031621
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?ebbc0965"
);
script_set_attribute(
attribute:"solution",
value:"Upgrade to HP Virtual Machine Manager 6.0.0.0 or later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date",value:"2010/04/21");
script_set_attribute(attribute:"patch_publication_date",value:"2010/04/21");
script_set_attribute(attribute:"plugin_publication_date",value:"2010/05/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:insight_virtual_machine_management");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("hp_vmm_installed.nasl");
script_require_keys("SMB/hpvmm/version");
exit(0);
}
include("smb_func.inc");
include("smb_hotfixes.inc");
ver = get_kb_item("SMB/hpvmm/version");
if (!ver) exit(1, "The 'SMB/hpvmm/version' KB item is missing.");
# Versions < 6.0.0.0 are vulnerable.
v = split(ver, sep:'.', keep:FALSE);
if (int(v[0]) < 6)
{
port = kb_smb_transport();
if (report_verbosity > 0)
{
report =
'\nInstalled version : '+ver+
'\nFixed version : 6.0.0.0\n';
security_hole(port:port, extra:report);
}
else security_hole(port);
}
else exit(0, 'HP VMM version '+ver+' is not affected.');
Related
cvelist
cvelist
CVE-2010-1035
2010-04-23 14:00:00
nvd
nvd
CVE-2010-1035
2010-04-23 14:30:01
securityvulns
securityvulns
prion
prion
Design/Logic Flaw
2010-04-23 14:30:00
cve
cve
CVE-2010-1035
2010-04-23 14:30:01
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS
0.006
Percentile
78.0%
Related for HP_VMM_6_0_0_0.NASL